Ch4inrulz 1.0.1: CTF walkthrough, part 1

In this article, we will solve a Capture the Flag (CTF) challenge that was posted on VulnHub by an author named Askar. The description given by the author is as follows: “Frank has a small website and he is a smart developer with a normal security background. He always loves to follow a pattern. This machine was made for Jordan’s Top Hackers 2018 CTF. The difficulty level is Intermediate and the target of the CTF is to capture the Flag.”

I have provided a download link for this CTF, so you can download the machine and run it on VirtualBox. A torrent link is also available for this VM; it has been added to the reference section of this article.

VulnHub is a well-known website for security researchers which aims to provide users with a way to learn and practice their hacking skills through a series of challenges in a safe and legal environment. You can download vulnerable machines from this website and try to exploit them. There are a lot of other challenging CTF exercises available on vulnhub.com and I highly suggest attempting them, as it is a good way to sharpen your skills and also learn new techniques in a safe environment.

Please note: For all of these machines, I have used Oracle VirtualBox to run the downloaded machine. I am using Kali Linux as an attacker machine for solving this CTF. The techniques used are solely for educational purposes, and I am not responsible if the listed techniques are used against any other targets.

Summary of the steps

The summary of the steps for solving this CTF:

  1. Identifying the target host by using the Netdiscover utility
  2. Port scanning with Nmap
  3. Logging in with FTP default credentials and trying to exploit the FTP older (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Nikhil Kumar. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/JRZgL7b1qBg/